Aug 1, 2018

Shipt Subdomain Takeover via Heroku (test.shipt.com)


I noticed that Shipt had become a public program, so I started scanning for subdomain takeovers with a takeover tool that I had edited.

It then detected a possible takeover on test.shipt.com, as it has an A record:

michael.shipt.com.herokudns.com

I tried to go directly to michael.shipt.com.herokudns.com.

The page was not found 😀

So I claimed it on Heroku.

Then I uploaded a simple Node.js app, only to provide more of a PoC.




The team was very fast.

Reported to Shipt: Jul 28th

Triaged: 28th

Fixed and rewarded in 10 min



Security Researcher at Many Websites - Bug Hunter - Civil Engineer Student
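The check described in the post (a record pointing at a `herokudns.com` target whose page is not found) can be run by a zone owner against their own DNS export. The following is an added example, not the author's tool; the `example.com` records, the probe results and the "no such app" marker text are constructed assumptions, and a real audit would replace `offline_probe` with an HTTP request to each name.

```python
# Added example: audit your own zone export for records left pointing at Heroku.
HEROKU_SUFFIX = ".herokudns.com"
# Assumption: marker text on the platform's "no app here" page; adjust to what you observe.
UNCLAIMED_MARKERS = ("no such app",)

# Constructed zone export (name, type, value); example.com names are placeholders.
ZONE = [
    ("test.example.com", "CNAME", "old-app.example.com.herokudns.com."),
    ("shop.example.com", "CNAME", "shop.example.com.herokudns.com."),
    ("docs.example.com", "CNAME", "docs.example.com.herokudns.com."),
    ("www.example.com", "A", "203.0.113.10"),
]

# Constructed probe results (HTTP status, body) standing in for live requests.
RESPONSES = {
    "test.example.com": (404, "<title>No such app</title>"),
    "shop.example.com": (404, "<h1>Product not found</h1>"),  # the app's own 404 page
    "docs.example.com": (200, "<h1>Docs</h1>"),
}

def points_to_heroku(value):
    """True when the record value is a name under the Heroku DNS suffix."""
    return value.rstrip(".").lower().endswith(HEROKU_SUFFIX)

def classify(status, body):
    """Separate an unbound hostname from an ordinary 404 served by a live app."""
    if status is None:
        return "unreachable"
    if status == 404 and any(m in body.lower() for m in UNCLAIMED_MARKERS):
        return "dangling"
    return "in-use"

def offline_probe(name):
    """Stand-in for a live HTTP request; returns (status, body) from RESPONSES."""
    return RESPONSES.get(name, (None, ""))

def audit(zone, probe=offline_probe):
    """Return {name: state} for every record that targets Heroku DNS."""
    findings = {}
    for name, _rtype, value in zone:
        if points_to_heroku(value):
            findings[name] = classify(*probe(name))
    return findings

if __name__ == "__main__":
    for name, state in audit(ZONE).items():
        print(f"{name}: {state}")
```

A name reported as `dangling` should have its DNS record removed or be re-attached to an app the zone owner controls.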

10 comments:

  1. Assalamualaikum brother, can you that subdomain scanner tool which you have developed?

  2. Please check your Facebook message inbox... Need urgent help

  3. Can you provide the step-by-step guide to do it?

  4. Can you please provide a step-by-step procedure?

  5. While following your report I tried to claim one of the subdomains. However, I am getting the error stating that "Domain is currently use by another app". Am I missing something? Help appreciated.

    1. Sorry, but this means you can't claim it... it's already in another account.